Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   smart fortress 2012, wie entfernen? (https://www.trojaner-board.de/113643-smart-fortress-2012-entfernen.html)

Janet 14.04.2012 20:25
smart fortress 2012, wie entfernen?
 
Hallo,

ich bin froh euer Forum gefunden zu haben und hoffe, dass Ihr mir helfen könnt. Bitte entschuldigt ggf. falsche Ausdrücke, ich bin nur ein Laie in Sachen Computern, wenn etwas nicht klar ist - einfach fragen.

Letzte Woche habe ich mir smart fortress 2012 eingefangen. Alles hat damit angefangen das ich meinen PC angemacht habe und auf einmal eine Art Virenscanner den ich nicht kannte angeblich mein System gecheckt hat und dabei 39 Gefahren / Viren etc. gefunden hat. Ich sollte eine kostenpflichtige Version des Programmes kaufen. Das habe ich natürlich nicht gemacht. Außerdem hat dieses Programm das Öffnen diverser anderer Programme (Virenscanner, Word, Systemsteuerung usw.) verhindert. Auch ins Internet bin ich über die normale Einwahlsoftware meines Anbieters nicht mehr gekommen. Nach ein paar Minuten hatte ich außerdem einen Bluescreen der PC wurde automatisch heruntergefahren und neugestartet. Auch beim Neustart meldete sich smart fortress mit der selben Meldung. Ich habe ihn dann nur noch ausgemacht und meinen Onlinebankingaccount über die Hotline sperren lassen. Auf dem Desctop hatte ich ein rotes Icon von smart fortess.

Über Ostern war ich nicht da und wollte mich jetzt diese Woche daran machen meinen Rechner zu säubern. Ich habe meinen Rechner normal angemacht und smart fortress meldet sich nicht mehr. Aus dem roten Icon auf dem Desctop ist jetzt eine anders aussehende Verknüpfung geworden. Es läuft auch soweit alles wieder wie vorher. Ich kann ins Internet und meine Programme laufen soweit ich das überblicken kann auch alle wieder. Im Startmenue ist noch ein Ordner von smart fortress, auch unter den installierten Programmen in der Systemsteuerung wird es aufgeführt. Es war in der zwischenzeit definitiv niemand an meinem Rechner. Aufgefallen ist mir nur das mein Rechner beim hochfahren auf einmal sehr laut ist. Im normalen Betrieb ist dies nicht der Fall. Keine Ahnung ob das mit smart fortess zusammen hängt oder eher damit das mein Rechner nicht mehr der Neueste ist.

Am Mittwoch habe ich mit Bullguard mein System durchsucht. Das Protokoll hänge ich an.

Heute habe ich dann wie in eurer Anleitung angeben rkill laufen lassen. Es hat aber anscheinend nichts gefunden, zumindest laut dem log danach. Es standen keine Prozesse da die er beendet hat.

Danach habe ich ich meinen Rechner mit Malwarebytes gescannt.

Log

Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.14.05

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
Janet :: JANET-PC [Administrator]

14.04.2012 17:58:20
mbam-log-2012-04-14 (17-58-20).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 466690
Laufzeit: 1 Stunde(n), 46 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Was kann ich jetzt noch tun um sicher zu gehen, dass smart fortress nicht mehr auf meinem PC ist? Insbesondere verunsichert mich das auf ein mal ohne das ich etwas gemacht habe alles wieder läuft. Das ist ja schön, aber für mich irgendwie nicht nachvollziehbar.

Vielen Dank schon mal für eure Hilfe.

cosinus 15.04.2012 19:19
Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Janet 15.04.2012 19:31
Hallo Arne,

danke das Du mir helfen wirst.

Ich habe Malewarebytes gestern erst installiert. Vormittags hatte ich erst einen Quickscan gemacht und den vollständigen scan abgebrochen, da ich keine Zeit mehr hatte. Den vollständigen Scan hatte ich dann am Abend noch gemacht.

Hier noch die Logs von den Beiden o.g. Scans.

Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.14.02

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
Janet :: JANET-PC [Administrator]

14.04.2012 12:26:44
mbam-log-2012-04-14 (12-26-44).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 200565
Laufzeit: 9 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.14.02

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
Janet :: JANET-PC [Administrator]

14.04.2012 12:37:27
mbam-log-2012-04-14 (12-37-27).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 200655
Laufzeit: 45 Minute(n), 26 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus 15.04.2012 21:09
Führ bitte auch ESET aus, danach sehen wir weiter:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Janet 16.04.2012 04:51
Guten Morgen Arne,

Eset ist gerade fertig geworden und hat leider einiges gefunden.

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3e12385e2eef9f498824378235e4e0cd
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-16 03:38:13
# local_time=2012-04-16 05:38:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=4609 16776893 80 79 112620396 168082288 0 0
# compatibility_mode=5892 16776573 100 100 81256 172055402 0 0
# compatibility_mode=8192 67108863 100 0 213 213 0 0
# scanned=310336
# found=6
# cleaned=0
# scan_time=24819
C:\Program Files\BullGuard Software\BullGuard\update\fix-ang.exe        probably a variant of Win32/Agent.DZEHFYW trojan (unable to clean)        00000000000000000000000000000000        I
C:\ProgramData\BullGuard\LiveUpdate\Download\Files\LiveUpdate\${APPDIR}\update\fix-ang.exe.gz        probably a variant of Win32/Agent.DZEHFYW trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\All Users\BullGuard\LiveUpdate\Download\Files\LiveUpdate\${APPDIR}\update\fix-ang.exe.gz        probably a variant of Win32/Agent.DZEHFYW trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Janet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\1fb60693-26ab4ab2        Java/TrojanDownloader.Agent.AB trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Janet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\53fd2b38-4685fb5a        Java/TrojanDownloader.Agent.NAM trojan (unable to clean)        00000000000000000000000000000000        I
D:\TOOLS\Nero Burning ROM 8 Update\Nero-8.2.8.0_deu_update.exe        Win32/Toolbar.AskSBar application (unable to clean)        00000000000000000000000000000000        I

cosinus 16.04.2012 11:37
Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Janet 16.04.2012 18:00
Sorry das ich jetzt erst antworte, bin tagsüber auf Arbeit und kann mich daher nur Abends melden.

zu 1.) Was meinst Du mit uneingeschränkt? Ich würde sagen, ja. Internet funktioniert, Programme funktionieren, keine Fehlermeldungen / Bluescreens etc. Auch keine Meldungen mehr von Smart fortress. Die Programme die vorher gesperrt waren wegen angeblichen Virenbefall funktionieren wieder. Ich komme auch in die Systemsteuerung wieder. Ich würde sagen: alles ok.

zu 2.) Im Startmenue unter alle Programme ist alles vorhanden. Es gibt keine leeren Ordner. Es gibt aber einen zusätzlichen Ordner "smart fortress 2012" der wohl die Verknüpfung enthält die auch auf meinem Desktop ist.

cosinus 16.04.2012 20:19
Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Janet 17.04.2012 18:03
OTL.Txt

Code:
OTL logfile created on: 17.04.2012 18:26:28 - Run 1
OTL by OldTimer - Version 3.2.39.2    Folder = C:\Users\Janet\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 51,91% Memory free
4,23 Gb Paging File | 2,80 Gb Available in Paging File | 66,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,76 Gb Total Space | 255,52 Gb Free Space | 57,32% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 10,68 Gb Free Space | 53,40% Space Free | Partition Type: FAT32
 
Computer Name: JANET-PC | User Name: Janet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.17 18:21:56 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Janet\Downloads\OTL.exe
PRC - [2011.10.15 10:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.10.15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.09.13 15:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe
PRC - [2009.05.06 19:53:50 | 001,220,608 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009.04.10 23:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.06 18:51:28 | 003,885,408 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Messenger\msnmsgr.exe
PRC - [2008.04.13 12:13:16 | 000,308,552 | ---- | M] (BullGuard Software) -- C:\Programme\BullGuard Software\BullGuard\BullGuard.exe
PRC - [2008.03.16 11:33:50 | 000,718,152 | ---- | M] (BullGuard Software) -- C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe
PRC - [2008.03.06 17:13:36 | 000,403,968 | ---- | M] (Hansenet) -- C:\Programme\Alice\Signup\AliceCnn.exe
PRC - [2008.02.07 11:35:44 | 000,776,192 | ---- | M] (Google) -- C:\Programme\Google\Google Desktop Search\GoogleDesktopIndex.exe
PRC - [2008.01.19 00:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.19 00:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.19 00:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.11.30 08:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEAE.EXE
PRC - [2007.11.14 16:50:42 | 004,706,304 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.08.16 11:31:40 | 001,681,408 | ---- | M] (Buhl Data Service GmbH) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
PRC - [2007.04.13 19:14:28 | 000,016,384 | ---- | M] (Empolis GmbH) -- C:\Programme\Medion\MEDIONbox\Program\GCS.exe
PRC - [2007.04.13 19:14:26 | 000,036,864 | ---- | M] (Empolis GmbH) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe
PRC - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007.03.24 22:44:20 | 000,114,688 | ---- | M] () -- C:\Programme\Alice\Signup\sys.plg
MOD - [2007.02.12 18:54:30 | 000,253,952 | ---- | M] () -- C:\Programme\Alice\Signup\dslsetup.plg
MOD - [2005.10.04 18:28:40 | 000,081,920 | ---- | M] () -- C:\Programme\Alice\Signup\htmlpars.plg
MOD - [2005.09.23 19:10:22 | 000,081,920 | ---- | M] () -- C:\Programme\Alice\Signup\alice.plg
MOD - [2005.08.17 20:36:28 | 000,090,112 | ---- | M] () -- C:\Programme\Alice\Signup\Support.plg
MOD - [2005.04.15 13:35:50 | 000,077,824 | ---- | M] () -- C:\Programme\Alice\Signup\SueDsl.plg
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.04.12 20:10:56 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011.10.15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2009.05.06 19:53:50 | 001,220,608 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.09.19 19:47:16 | 000,107,848 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Software\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV - [2008.08.07 12:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008.03.20 14:07:16 | 000,058,696 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Software\BullGuard\BsMailProxy.dll -- (BsMailProxy)
SRV - [2008.03.16 11:33:50 | 000,718,152 | ---- | M] (BullGuard Software) [Auto | Running] -- C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe -- (BGLiveSvc)
SRV - [2008.03.16 11:33:40 | 000,083,272 | ---- | M] (BullGuard, Ltd.) [Auto | Running] -- C:\Programme\BullGuard Software\BullGuard\BsMain.dll -- (BgMainSvc)
SRV - [2008.02.07 11:35:44 | 000,069,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Programme\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 00:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.08.16 11:31:40 | 001,681,408 | ---- | M] (Buhl Data Service GmbH) [Auto | Running] -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe -- (srvcPVR)
SRV - [2007.04.13 19:14:26 | 000,036,864 | ---- | M] (Empolis GmbH) [Auto | Running] -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe -- (GnabService)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011.10.15 10:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.04.10 21:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008.03.16 11:33:55 | 000,050,896 | ---- | M] (BullGuard Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\BdFileSpy.sys -- (BdFileSpy)
DRV - [2008.02.27 21:31:13 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.02.27 21:31:12 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.01.08 09:17:08 | 001,302,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2007.11.18 04:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.10.31 12:23:20 | 000,115,744 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007.09.21 11:38:22 | 000,554,496 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2007.07.07 15:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.05.16 13:07:58 | 000,016,984 | ---- | M] (BullGuard Ltd.) [Kernel | On_Demand | Running] -- C:\Programme\BullGuard Software\BullGuard\Reconn.sys -- (Reconn)
DRV - [2006.11.30 16:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006.11.28 23:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PDNMp50.sys -- (PDNMp50)
DRV - [2006.11.28 23:46:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PDNSp50.sys -- (PDNSp50)
DRV - [2006.11.17 11:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA_deDE265
IE - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Janet\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.19 22:03:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.15 15:08:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter [2008.03.16 17:27:08 | 000,000,000 | ---D | M]
 
[2009.10.10 17:56:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janet\AppData\Roaming\mozilla\Extensions
[2012.04.16 21:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Janet\AppData\Roaming\mozilla\Firefox\Profiles\jnqba3oc.default\extensions
[2011.04.27 00:18:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Janet\AppData\Roaming\mozilla\Firefox\Profiles\jnqba3oc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.04.10 21:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.10 23:01:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF}
[2011.12.10 23:01:27 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009.08.24 21:25:19 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.08.24 21:25:19 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2009.08.24 21:25:19 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.08.24 21:25:19 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.08.24 21:25:19 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Software\BullGuard\bullguard.exe (BullGuard Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003..\Run: [BullGuard] C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe (BullGuard Software)
O4 - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003..\Run: [EPSON Stylus S20 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEAE.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O7 - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Felder mit Bestellhelfer ausfüllen - C:\Program Files\DHL\DHL Bestellhelfer\fillFormContext.html ()
O8 - Extra context menu item: Felder mit Bestellhelfer merken - C:\Program Files\DHL\DHL Bestellhelfer\assignContext.html ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: DHL Bestellhelfer - {AC38BD53-2101-4ec8-A4D7-D1E58C690E71} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : DHL Bestellhelfer - {AC38BD53-2101-4ec8-A4D7-D1E58C690E71} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003\..Trusted Domains: fernuni-hagen.de ([ca] https in Trusted sites)
O15 - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003\..Trusted Domains: fernuni-hagen.de ([pos] https in Trusted sites)
O15 - HKU\S-1-5-21-2593873034-2721537522-2536930808-1003\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} hxxp://www.psapoll.com/CopyGuardIE.cab (CopyGuardCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1228413342227 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E9B39AC7-B9FB-48CA-84A0-1659A05C0008} hxxp://www.wohnmoebel.de/priess/install/KPSA-home%20Priess.cab (ActiveFormX Element)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A534F7E-8C94-48C5-ADAD-357149947882}: NameServer = 62.109.123.196 213.191.74.18
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Janet\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Janet\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3ec20133-237a-11df-b2ac-001d9260e62a}\Shell - "" = AutoRun
O33 - MountPoints2\{3ec20133-237a-11df-b2ac-001d9260e62a}\Shell\AutoRun\command - "" = I:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {01494900-0430-8926-D5BF-8A8312738D21} -
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {04A3CF90-110D-EA28-3551-A6DA209B1F6B} -
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.15 22:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.04.15 19:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012.04.15 00:08:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012.04.15 00:08:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012.04.15 00:08:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012.04.14 23:43:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012.04.14 22:57:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012.04.14 22:08:27 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Roaming\InstallShield
[2012.04.14 21:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.04.14 21:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.04.14 12:25:04 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Roaming\Malwarebytes
[2012.04.14 12:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.04.14 12:24:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.04.14 12:24:54 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.14 12:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.04.02 20:45:25 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Fortress 2012
[2012.04.02 20:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\F4D55F2C00016056000AD65EEEC1FB6E
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.17 18:37:15 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.17 18:21:34 | 000,698,904 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.17 18:21:34 | 000,655,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.17 18:21:34 | 000,156,140 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.17 18:21:34 | 000,128,206 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.17 18:13:26 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.17 18:13:18 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.17 18:13:17 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.17 18:13:12 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.17 18:13:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.17 18:12:47 | 2146,709,504 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.16 01:45:04 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.04.15 20:00:43 | 000,425,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.04.15 19:56:59 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012.04.15 19:56:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012.04.15 17:34:52 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.04.15 17:34:51 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.04.15 17:34:19 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.04.15 15:08:34 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2012.04.14 21:20:20 | 000,032,621 | ---- | M] () -- C:\Users\Janet\Desktop\Log#0.zip
[2012.04.10 20:57:01 | 000,001,356 | ---- | M] () -- C:\Users\Janet\AppData\Local\d3d9caps.dat
[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.02 20:45:25 | 000,001,040 | ---- | M] () -- C:\Users\Janet\Desktop\Smart Fortress 2012.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.04.15 19:56:59 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012.04.15 19:56:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012.04.15 17:34:19 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.04.15 14:52:21 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2012.04.15 14:52:21 | 000,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2012.04.14 23:10:21 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012.04.14 23:10:13 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012.04.14 23:10:12 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012.04.14 23:09:13 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012.04.14 23:09:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.04.14 23:09:00 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012.04.14 23:06:45 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012.04.14 23:06:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.04.14 23:05:59 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012.04.14 23:05:56 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012.04.14 23:05:46 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012.04.14 21:20:20 | 000,032,621 | ---- | C] () -- C:\Users\Janet\Desktop\Log#0.zip
[2012.04.12 20:10:57 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.10 21:06:36 | 2146,709,504 | -HS- | C] () -- C:\hiberfil.sys
[2012.04.02 20:45:25 | 000,001,040 | ---- | C] () -- C:\Users\Janet\Desktop\Smart Fortress 2012.lnk
[2011.10.15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.01.28 20:53:03 | 000,000,808 | ---- | C] () -- C:\Windows\wiso.ini
[2010.08.03 19:33:15 | 000,000,580 | ---- | C] () -- C:\Windows\eReg.dat
[2010.07.07 19:15:13 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
 
========== LOP Check ==========
 
[2011.11.12 23:19:00 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Amazon
[2011.02.11 22:28:08 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Buhl Data Service
[2008.02.07 12:40:48 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Buhl Data Service GmbH
[2009.05.23 11:05:51 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\BullGuard
[2008.05.25 19:46:23 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Canon
[2009.05.25 02:02:01 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\gtk-2.0
[2008.05.24 20:53:37 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Haufe
[2008.10.18 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Leadertech
[2008.05.24 19:49:21 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Lexware
[2009.11.22 14:55:34 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\MAGIX
[2012.03.07 20:19:31 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Origin
[2008.06.22 10:01:31 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Panasonic
[2008.04.18 19:51:28 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Sonavis
[2008.02.10 20:14:48 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Template
[2008.02.07 19:30:44 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\TVcentral-Core
[2008.02.07 21:00:07 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\VMedia
[2008.11.19 20:21:31 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Wildlife Park 2
[2008.11.19 21:14:18 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Wildlife Park 2 - Abenteuer auf der Ranch
[2008.11.19 20:28:48 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Wildlife Park 2 - Marine World
[2012.04.16 23:05:46 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.02.27 11:21:03 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Adobe
[2011.11.12 23:19:00 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Amazon
[2011.11.14 23:30:19 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Apple Computer
[2011.02.11 22:28:08 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Buhl Data Service
[2008.02.07 12:40:48 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Buhl Data Service GmbH
[2009.05.23 11:05:51 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\BullGuard
[2008.05.25 19:46:23 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Canon
[2009.05.09 22:42:38 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\CyberLink
[2010.01.14 21:51:02 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\DivX
[2008.03.07 16:52:43 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Google
[2009.05.25 02:02:01 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\gtk-2.0
[2008.05.24 20:53:37 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Haufe
[2008.02.07 11:46:25 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Identities
[2012.04.14 22:08:27 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\InstallShield
[2008.10.18 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Leadertech
[2008.05.24 19:49:21 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Lexware
[2008.03.06 17:21:11 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Macromedia
[2009.11.22 14:55:34 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\MAGIX
[2012.04.14 12:25:04 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Media Center Programs
[2011.10.30 22:18:11 | 000,000,000 | --SD | M] -- C:\Users\Janet\AppData\Roaming\Microsoft
[2010.02.28 13:37:43 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Microsoft Games
[2009.10.10 17:56:38 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Mozilla
[2008.02.07 11:46:43 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Nero
[2012.03.07 20:19:31 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Origin
[2008.06.22 10:01:31 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Panasonic
[2009.12.18 18:36:48 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Real
[2008.04.18 19:51:28 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Sonavis
[2008.02.10 20:14:48 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Template
[2008.02.07 19:30:44 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\TVcentral-Core
[2008.02.07 21:00:07 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\VMedia
[2008.11.19 20:21:31 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Wildlife Park 2
[2008.11.19 21:14:18 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Wildlife Park 2 - Abenteuer auf der Ranch
[2008.11.19 20:28:48 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Wildlife Park 2 - Marine World
[2008.04.06 10:36:51 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.07.11 14:31:33 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Janet\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.06.15 21:46:50 | 002,605,008 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Janet\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2010.09.23 22:02:11 | 000,001,406 | R--- | M] () -- C:\Users\Janet\AppData\Roaming\Microsoft\Installer\{B033CE38-B38A-4920-8556-AE38E553680A}\_6FEFF9B68218417F98F549.exe
[2009.06.04 17:33:17 | 000,010,134 | R--- | M] () -- C:\Users\Janet\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2009.12.16 22:11:19 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Janet\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.05.30 18:21:30 | 000,443,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Janet\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2011.01.18 21:19:04 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Janet\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.11.18 22:35:36 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Janet\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
[2011.11.26 12:22:04 | 026,533,840 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Janet\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_data\RealPlayer_de.exe
[2011.11.26 12:21:20 | 000,676,624 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Janet\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_exe\RealPlayer_de.exe
 
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007.09.10 13:13:48 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=78620BDA3EC87816E5D1FA86F920BC3A -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c2a1b5ae\atapi.sys
[2007.09.10 13:13:48 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=78620BDA3EC87816E5D1FA86F920BC3A -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20518_none_dbd8b4d73d81c9d0\atapi.sys
[2008.03.08 22:41:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.03.08 22:41:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.03.08 22:41:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2008.03.08 22:41:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.01.12 23:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\HomeCinema\PowerDirector\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 00:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2007.10.31 12:23:20 | 000,115,744 | ---- | M] (NVIDIA Corporation) MD5=4876E7C3184BDF50EDE043FEF616B867 -- C:\Windows\System32\drivers\nvstor32.sys
[2007.10.31 12:23:20 | 000,115,744 | ---- | M] (NVIDIA Corporation) MD5=4876E7C3184BDF50EDE043FEF616B867 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_a4ed2674\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 00:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.11.14 23:54:45 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2007.11.14 23:54:45 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 00:36:48 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.10 23:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.10 23:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.19 00:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.19 00:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.18 22:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.18 22:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.04.10 23:28:22 | 000,179,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msnetobj.dll
 
<          >

< End of report >
Brauchst Du die Extras.Txt auch?

cosinus 17.04.2012 19:01
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3ec20133-237a-11df-b2ac-001d9260e62a}\Shell - "" = AutoRun
O33 - MountPoints2\{3ec20133-237a-11df-b2ac-001d9260e62a}\Shell\AutoRun\command - "" = I:\Autorun.exe
[2012.04.02 20:45:25 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Fortress 2012
[2012.04.02 20:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\F4D55F2C00016056000AD65EEEC1FB6E
[2012.04.02 20:45:25 | 000,001,040 | ---- | M] () -- C:\Users\Janet\Desktop\Smart Fortress 2012.lnk
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Janet 17.04.2012 19:34
Windows hat mitten beim Fix gemeldet das OTL nicht mehr funktioniert und geschlossen werden muss. Danach hatte ich auf meinem Desktop keine Symbole mehr und der Rechner hat auf nichts mehr reagiert außer auf Strg + Alt + Entf. Habe den PC runter gefahren und wieder angemacht. Soll ich es noch mal probieren?

cosinus 17.04.2012 19:59
Wiederhol den Fix im abgesicherten Modus bitte

Janet 17.04.2012 20:16
Im abgesicherten Modus hat es dann geklappt.
Ach ja was mir aufgefallen ist und vlt. die Einträge im Log erklärt. Nach dem ersten Fixversuch waren schon der Ordner im Startmenue und das Desktopsymbol von smart fortress weg. Allerdings war an der Stelle des Symbols eine neue Datei "Desktop.ini". Die ist jetzt nach dem hoffentlich geglückten Fix auch weg. Ein Neustart wurde zum Löschen der Dateien auch verlangt und durchgeführt.

Hier das Log.

Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ec20133-237a-11df-b2ac-001d9260e62a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3ec20133-237a-11df-b2ac-001d9260e62a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ec20133-237a-11df-b2ac-001d9260e62a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3ec20133-237a-11df-b2ac-001d9260e62a}\ not found.
File I:\Autorun.exe not found.
Folder C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Fortress 2012\ not found.
Folder C:\ProgramData\F4D55F2C00016056000AD65EEEC1FB6E\ not found.
File C:\Users\Janet\Desktop\Smart Fortress 2012.lnk not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Janet
->Temp folder emptied: 36212 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 20141539 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 366732162 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 369,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Janet
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.39.2 log created on 04172012_210904

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

cosinus 18.04.2012 09:02
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten, Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Janet 18.04.2012 18:05
Hier das Log

Code:
18:55:31.0572 6012        TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
18:55:32.0352 6012        ============================================================
18:55:32.0352 6012        Current date / time: 2012/04/18 18:55:32.0352
18:55:32.0352 6012        SystemInfo:
18:55:32.0352 6012       
18:55:32.0352 6012        OS Version: 6.0.6002 ServicePack: 2.0
18:55:32.0352 6012        Product type: Workstation
18:55:32.0352 6012        ComputerName: JANET-PC
18:55:32.0352 6012        UserName: Janet
18:55:32.0352 6012        Windows directory: C:\Windows
18:55:32.0352 6012        System windows directory: C:\Windows
18:55:32.0352 6012        Processor architecture: Intel x86
18:55:32.0352 6012        Number of processors: 2
18:55:32.0352 6012        Page size: 0x1000
18:55:32.0352 6012        Boot type: Normal boot
18:55:32.0352 6012        ============================================================
18:55:33.0600 6012        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:55:33.0646 6012        \Device\Harddisk0\DR0:
18:55:33.0662 6012        MBR partitions:
18:55:33.0662 6012        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x37B8418F
18:55:33.0678 6012        \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x37B8420D, BlocksNum 0x2800A34
18:55:33.0756 6012        C: <-> \Device\Harddisk0\DR0\Partition0
18:55:33.0756 6012        D: <-> \Device\Harddisk0\DR0\Partition1
18:55:33.0756 6012        Initialize success
18:55:33.0756 6012        ============================================================
19:01:03.0836 4700        ============================================================
19:01:03.0836 4700        Scan started
19:01:03.0836 4700        Mode: Manual; SigCheck; TDLFS;
19:01:03.0836 4700        ============================================================
19:01:04.0132 4700        3xHybrid        (651c54ac4ec5c5397c5aff5d575ca45b) C:\Windows\system32\DRIVERS\3xHybrid.sys
19:01:04.0491 4700        3xHybrid - ok
19:01:04.0569 4700        61883          (585e64bb6dfbc0a2f1f0b554ded012df) C:\Windows\system32\DRIVERS\61883.sys
19:01:04.0694 4700        61883 - ok
19:01:04.0819 4700        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
19:01:04.0850 4700        ACPI - ok
19:01:05.0022 4700        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:01:05.0053 4700        AdobeARMservice - ok
19:01:05.0209 4700        AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:01:05.0256 4700        AdobeFlashPlayerUpdateSvc - ok
19:01:05.0349 4700        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
19:01:05.0380 4700        adp94xx - ok
19:01:05.0427 4700        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
19:01:05.0443 4700        adpahci - ok
19:01:05.0474 4700        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
19:01:05.0490 4700        adpu160m - ok
19:01:05.0521 4700        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
19:01:05.0552 4700        adpu320 - ok
19:01:05.0583 4700        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
19:01:05.0724 4700        AeLookupSvc - ok
19:01:05.0786 4700        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
19:01:05.0895 4700        AFD - ok
19:01:05.0911 4700        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
19:01:05.0942 4700        agp440 - ok
19:01:05.0973 4700        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:01:05.0989 4700        aic78xx - ok
19:01:06.0036 4700        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
19:01:06.0067 4700        ALG - ok
19:01:06.0098 4700        aliide          (496eda16a127ac9a38bb285bef17dbb5) C:\Windows\system32\drivers\aliide.sys
19:01:06.0114 4700        aliide - ok
19:01:06.0145 4700        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
19:01:06.0160 4700        amdagp - ok
19:01:06.0176 4700        amdide          (6f65f4147c54398d7280b18cebbed215) C:\Windows\system32\drivers\amdide.sys
19:01:06.0192 4700        amdide - ok
19:01:06.0207 4700        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
19:01:06.0348 4700        AmdK7 - ok
19:01:06.0348 4700        AmdK8          (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
19:01:06.0426 4700        AmdK8 - ok
19:01:06.0472 4700        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
19:01:06.0535 4700        Appinfo - ok
19:01:06.0722 4700        Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:01:06.0753 4700        Apple Mobile Device - ok
19:01:06.0769 4700        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
19:01:06.0800 4700        arc - ok
19:01:06.0816 4700        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
19:01:06.0831 4700        arcsas - ok
19:01:07.0128 4700        aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:01:07.0174 4700        aspnet_state - ok
19:01:07.0268 4700        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:01:07.0315 4700        AsyncMac - ok
19:01:07.0346 4700        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
19:01:07.0362 4700        atapi - ok
19:01:07.0518 4700        atksgt          (72bc628af75c4c3250f2a3bac260265a) C:\Windows\system32\DRIVERS\atksgt.sys
19:01:07.0580 4700        atksgt - ok
19:01:07.0642 4700        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:01:07.0689 4700        AudioEndpointBuilder - ok
19:01:07.0720 4700        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:01:07.0736 4700        Audiosrv - ok
19:01:07.0767 4700        Avc            (f4b56425a00beb32f5fa6603ff7b0ea2) C:\Windows\system32\DRIVERS\avc.sys
19:01:07.0845 4700        Avc - ok
19:01:07.0892 4700        BdFileSpy      (49ea1829ad8fe3bc7e56b81ec4922be5) C:\Windows\system32\drivers\BdFileSpy.sys
19:01:07.0923 4700        BdFileSpy - ok
19:01:07.0970 4700        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:01:08.0032 4700        Beep - ok
19:01:08.0142 4700        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
19:01:08.0188 4700        BFE - ok
19:01:08.0344 4700        BGLiveSvc      (a657a7530574b823dc680101ed69b04f) C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
19:01:08.0407 4700        BGLiveSvc ( UnsignedFile.Multi.Generic ) - warning
19:01:08.0407 4700        BGLiveSvc - detected UnsignedFile.Multi.Generic (1)
19:01:08.0469 4700        BgMainSvc      (99473441bdb18ec05b3a0704857ed107) C:\Program Files\BullGuard Software\BullGuard\BsMain.dll
19:01:08.0485 4700        BgMainSvc - ok
19:01:08.0578 4700        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
19:01:08.0656 4700        BITS - ok
19:01:08.0672 4700        blbdrive - ok
19:01:08.0968 4700        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
19:01:09.0000 4700        Bonjour Service - ok
19:01:09.0093 4700        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
19:01:09.0156 4700        bowser - ok
19:01:09.0202 4700        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:01:09.0249 4700        BrFiltLo - ok
19:01:09.0249 4700        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:01:09.0296 4700        BrFiltUp - ok
19:01:09.0327 4700        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
19:01:09.0390 4700        Browser - ok
19:01:09.0390 4700        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:01:09.0452 4700        Brserid - ok
19:01:09.0499 4700        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:01:09.0592 4700        BrSerWdm - ok
19:01:09.0624 4700        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:01:09.0670 4700        BrUsbMdm - ok
19:01:09.0702 4700        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:01:09.0780 4700        BrUsbSer - ok
19:01:09.0904 4700        BsFileScan      (14097adfb42c1c2a1c1bf04ee165125b) C:\Program Files\BullGuard Software\BullGuard\BsFileScan.dll
19:01:09.0936 4700        BsFileScan - ok
19:01:09.0982 4700        BsMailProxy    (951ba32e312c68ec8fd725eee7db5d60) C:\Program Files\BullGuard Software\BullGuard\BsMailProxy.dll
19:01:09.0998 4700        BsMailProxy - ok
19:01:10.0014 4700        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:01:10.0092 4700        BTHMODEM - ok
19:01:10.0154 4700        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:01:10.0185 4700        cdfs - ok
19:01:10.0216 4700        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
19:01:10.0263 4700        cdrom - ok
19:01:10.0326 4700        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:01:10.0372 4700        CertPropSvc - ok
19:01:10.0388 4700        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
19:01:10.0450 4700        circlass - ok
19:01:10.0466 4700        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
19:01:10.0497 4700        CLFS - ok
19:01:10.0575 4700        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:01:10.0591 4700        clr_optimization_v2.0.50727_32 - ok
19:01:10.0856 4700        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:01:10.0950 4700        clr_optimization_v4.0.30319_32 - ok
19:01:10.0965 4700        cmdide          (59172a0724f2ab769f31d61b0571d75b) C:\Windows\system32\drivers\cmdide.sys
19:01:10.0981 4700        cmdide - ok
19:01:10.0996 4700        Compbatt        (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
19:01:11.0012 4700        Compbatt - ok
19:01:11.0028 4700        COMSysApp - ok
19:01:11.0043 4700        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
19:01:11.0059 4700        crcdisk - ok
19:01:11.0074 4700        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
19:01:11.0199 4700        Crusoe - ok
19:01:11.0262 4700        CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
19:01:11.0293 4700        CryptSvc - ok
19:01:11.0355 4700        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:01:11.0433 4700        DcomLaunch - ok
19:01:11.0480 4700        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
19:01:11.0605 4700        DfsC - ok
19:01:11.0714 4700        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
19:01:11.0901 4700        DFSR - ok
19:01:11.0964 4700        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
19:01:12.0010 4700        Dhcp - ok
19:01:12.0042 4700        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
19:01:12.0073 4700        disk - ok
19:01:12.0120 4700        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
19:01:12.0182 4700        Dnscache - ok
19:01:12.0229 4700        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
19:01:12.0291 4700        dot3svc - ok
19:01:12.0322 4700        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
19:01:12.0385 4700        DPS - ok
19:01:12.0432 4700        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:01:12.0463 4700        drmkaud - ok
19:01:12.0494 4700        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
19:01:12.0525 4700        DXGKrnl - ok
19:01:12.0603 4700        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:01:12.0681 4700        E1G60 - ok
19:01:12.0744 4700        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
19:01:12.0775 4700        EapHost - ok
19:01:12.0837 4700        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
19:01:12.0884 4700        Ecache - ok
19:01:12.0993 4700        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
19:01:13.0024 4700        ehRecvr - ok
19:01:13.0056 4700        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
19:01:13.0102 4700        ehSched - ok
19:01:13.0134 4700        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
19:01:13.0149 4700        ehstart - ok
19:01:13.0196 4700        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
19:01:13.0243 4700        elxstor - ok
19:01:13.0305 4700        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
19:01:13.0399 4700        EMDMgmt - ok
19:01:13.0477 4700        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
19:01:13.0555 4700        EventSystem - ok
19:01:13.0602 4700        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
19:01:13.0664 4700        exfat - ok
19:01:13.0773 4700        Fabs - ok
19:01:13.0836 4700        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
19:01:13.0914 4700        fastfat - ok
19:01:13.0960 4700        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
19:01:14.0038 4700        fdc - ok
19:01:14.0070 4700        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
19:01:14.0101 4700        fdPHost - ok
19:01:14.0116 4700        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
19:01:14.0179 4700        FDResPub - ok
19:01:14.0226 4700        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:01:14.0257 4700        FileInfo - ok
19:01:14.0272 4700        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:01:14.0319 4700        Filetrace - ok
19:01:15.0052 4700        FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
19:01:15.0255 4700        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
19:01:15.0255 4700        FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
19:01:15.0567 4700        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
19:01:15.0645 4700        flpydisk - ok
19:01:15.0770 4700        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
19:01:15.0801 4700        FltMgr - ok
19:01:16.0051 4700        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
19:01:16.0129 4700        FontCache - ok
19:01:16.0222 4700        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:01:16.0254 4700        FontCache3.0.0.0 - ok
19:01:16.0269 4700        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
19:01:16.0316 4700        Fs_Rec - ok
19:01:16.0394 4700        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
19:01:16.0410 4700        gagp30kx - ok
19:01:16.0488 4700        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:01:16.0503 4700        GEARAspiWDM - ok
19:01:16.0550 4700        GnabService    (51b2d8629e1a0f463682f365d56325cb) c:\program files\common files\gnab\service\servicecontroller.exe
19:01:16.0597 4700        GnabService ( UnsignedFile.Multi.Generic ) - warning
19:01:16.0597 4700        GnabService - detected UnsignedFile.Multi.Generic (1)
19:01:16.0675 4700        GoogleDesktopManager (4a381768fcaf9096ec96a29f9602a3ed) C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
19:01:16.0706 4700        GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - warning
19:01:16.0706 4700        GoogleDesktopManager - detected UnsignedFile.Multi.Generic (1)
19:01:16.0940 4700        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
19:01:17.0002 4700        gpsvc - ok
19:01:17.0112 4700        gupdate1c99423b8ae4260 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
19:01:17.0174 4700        gupdate1c99423b8ae4260 - ok
19:01:17.0221 4700        gupdatem        (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
19:01:17.0221 4700        gupdatem - ok
19:01:17.0299 4700        gusvc          (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:01:17.0346 4700        gusvc - ok
19:01:17.0736 4700        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:01:17.0907 4700        HdAudAddService - ok
19:01:18.0110 4700        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:01:18.0204 4700        HDAudBus - ok
19:01:18.0250 4700        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:01:18.0313 4700        HidBth - ok
19:01:18.0344 4700        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:01:18.0391 4700        HidIr - ok
19:01:18.0500 4700        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
19:01:18.0594 4700        hidserv - ok
19:01:18.0656 4700        HidUsb          (01e7971e9f4bd6ac6a08db52d0ea0418) C:\Windows\system32\DRIVERS\hidusb.sys
19:01:18.0750 4700        HidUsb - ok
19:01:18.0796 4700        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
19:01:18.0859 4700        hkmsvc - ok
19:01:18.0874 4700        HpCISSs        (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
19:01:18.0890 4700        HpCISSs - ok
19:01:18.0937 4700        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
19:01:19.0046 4700        HTTP - ok
19:01:19.0077 4700        i2omp          (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
19:01:19.0093 4700        i2omp - ok
19:01:19.0155 4700        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:01:19.0186 4700        i8042prt - ok
19:01:19.0218 4700        iaStorV        (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
19:01:19.0249 4700        iaStorV - ok
19:01:19.0420 4700        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:01:19.0436 4700        IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:01:19.0436 4700        IDriverT - detected UnsignedFile.Multi.Generic (1)
19:01:19.0530 4700        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:01:19.0608 4700        idsvc - ok
19:01:19.0623 4700        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:01:19.0639 4700        iirsp - ok
19:01:19.0701 4700        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
19:01:19.0764 4700        IKEEXT - ok
19:01:19.0982 4700        IntcAzAudAddService (56661beae591e59067710b6cbca78184) C:\Windows\system32\drivers\RTKVHDA.sys
19:01:20.0200 4700        IntcAzAudAddService - ok
19:01:20.0325 4700        intelide        (e5ea1c17da5065032e346591ff64f3af) C:\Windows\system32\drivers\intelide.sys
19:01:20.0341 4700        intelide - ok
19:01:20.0419 4700        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
19:01:20.0481 4700        intelppm - ok
19:01:20.0544 4700        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
19:01:20.0590 4700        IPBusEnum - ok
19:01:20.0653 4700        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:01:20.0700 4700        IpFilterDriver - ok
19:01:20.0809 4700        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
19:01:20.0856 4700        iphlpsvc - ok
19:01:20.0887 4700        IpInIp - ok
19:01:20.0887 4700        IPMIDRV        (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
19:01:20.0965 4700        IPMIDRV - ok
19:01:21.0012 4700        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:01:21.0090 4700        IPNAT - ok
19:01:21.0495 4700        iPod Service    (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
19:01:21.0511 4700        iPod Service - ok
19:01:21.0558 4700        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:01:21.0589 4700        IRENUM - ok
19:01:21.0620 4700        isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
19:01:21.0636 4700        isapnp - ok
19:01:21.0698 4700        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
19:01:21.0729 4700        iScsiPrt - ok
19:01:21.0745 4700        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:01:21.0760 4700        iteatapi - ok
19:01:21.0776 4700        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:01:21.0807 4700        iteraid - ok
19:01:21.0838 4700        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:01:21.0870 4700        kbdclass - ok
19:01:21.0901 4700        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
19:01:21.0932 4700        kbdhid - ok
19:01:21.0963 4700        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:01:22.0057 4700        KeyIso - ok
19:01:22.0088 4700        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
19:01:22.0166 4700        KSecDD - ok
19:01:22.0244 4700        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
19:01:22.0306 4700        KtmRm - ok
19:01:22.0338 4700        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
19:01:22.0400 4700        LanmanServer - ok
19:01:22.0556 4700        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
19:01:22.0634 4700        LanmanWorkstation - ok
19:01:22.0759 4700        LexBceS        (aeedacc6fb20fdba95213ad3bb009b7d) C:\Windows\System32\LEXBCES.EXE
19:01:22.0852 4700        LexBceS - ok
19:01:22.0930 4700        lirsgt          (4127e8b6ddb4090e815c1f8852c277d3) C:\Windows\system32\DRIVERS\lirsgt.sys
19:01:22.0946 4700        lirsgt - ok
19:01:22.0977 4700        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:01:23.0024 4700        lltdio - ok
19:01:23.0086 4700        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
19:01:23.0164 4700        lltdsvc - ok
19:01:23.0196 4700        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
19:01:23.0242 4700        lmhosts - ok
19:01:23.0305 4700        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
19:01:23.0320 4700        LSI_FC - ok
19:01:23.0336 4700        LSI_SAS        (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
19:01:23.0352 4700        LSI_SAS - ok
19:01:23.0383 4700        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
19:01:23.0398 4700        LSI_SCSI - ok
19:01:23.0430 4700        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:01:23.0492 4700        luafv - ok
19:01:23.0539 4700        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
19:01:23.0554 4700        Mcx2Svc - ok
19:01:23.0601 4700        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
19:01:23.0617 4700        megasas - ok
19:01:23.0632 4700        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:01:23.0664 4700        MMCSS - ok
19:01:23.0695 4700        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:01:23.0742 4700        Modem - ok
19:01:23.0773 4700        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:01:23.0820 4700        monitor - ok
19:01:23.0851 4700        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:01:23.0866 4700        mouclass - ok
19:01:23.0882 4700        mouhid          (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\DRIVERS\mouhid.sys
19:01:23.0944 4700        mouhid - ok
19:01:23.0976 4700        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:01:23.0991 4700        MountMgr - ok
19:01:24.0022 4700        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
19:01:24.0054 4700        mpio - ok
19:01:24.0069 4700        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:01:24.0116 4700        mpsdrv - ok
19:01:24.0147 4700        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
19:01:24.0194 4700        MpsSvc - ok
19:01:24.0210 4700        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:01:24.0225 4700        Mraid35x - ok
19:01:24.0256 4700        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
19:01:24.0288 4700        MRxDAV - ok
19:01:24.0319 4700        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:01:24.0381 4700        mrxsmb - ok
19:01:24.0428 4700        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:01:24.0475 4700        mrxsmb10 - ok
19:01:24.0490 4700        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:01:24.0537 4700        mrxsmb20 - ok
19:01:24.0537 4700        msahci          (86068b8b54a5eb092f51657f00b2222a) C:\Windows\system32\drivers\msahci.sys
19:01:24.0568 4700        msahci - ok
19:01:24.0568 4700        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
19:01:24.0600 4700        msdsm - ok
19:01:24.0631 4700        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
19:01:24.0678 4700        MSDTC - ok
19:01:24.0724 4700        MSDV            (343291a4dfd7c923c3f71f550830ec1c) C:\Windows\system32\DRIVERS\msdv.sys
19:01:24.0756 4700        MSDV - ok
19:01:24.0787 4700        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:01:24.0834 4700        Msfs - ok
19:01:24.0880 4700        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:01:24.0912 4700        msisadrv - ok
19:01:24.0943 4700        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
19:01:24.0990 4700        MSiSCSI - ok
19:01:25.0005 4700        msiserver - ok
19:01:25.0052 4700        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:01:25.0099 4700        MSKSSRV - ok
19:01:25.0161 4700        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:01:25.0208 4700        MSPCLOCK - ok
19:01:25.0224 4700        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:01:25.0270 4700        MSPQM - ok
19:01:25.0302 4700        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
19:01:25.0333 4700        MsRPC - ok
19:01:25.0348 4700        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:01:25.0380 4700        mssmbios - ok
19:01:25.0395 4700        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:01:25.0458 4700        MSTEE - ok
19:01:25.0489 4700        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
19:01:25.0504 4700        Mup - ok
19:01:25.0551 4700        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
19:01:25.0629 4700        napagent - ok
19:01:25.0692 4700        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
19:01:25.0723 4700        NativeWifiP - ok
19:01:25.0801 4700        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
19:01:25.0863 4700        NDIS - ok
19:01:25.0894 4700        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:01:25.0941 4700        NdisTapi - ok
19:01:25.0957 4700        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:01:25.0988 4700        Ndisuio - ok
19:01:26.0019 4700        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:01:26.0066 4700        NdisWan - ok
19:01:26.0082 4700        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:01:26.0128 4700        NDProxy - ok
19:01:26.0222 4700        Nero BackItUp Scheduler 3 (c5052fb77aa42ed440f9f6b4e37145a9) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
19:01:26.0362 4700        Nero BackItUp Scheduler 3 - ok
19:01:26.0394 4700        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:01:26.0440 4700        NetBIOS - ok
19:01:26.0472 4700        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
19:01:26.0534 4700        netbt - ok
19:01:26.0581 4700        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:01:26.0596 4700        Netlogon - ok
19:01:26.0721 4700        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
19:01:26.0768 4700        Netman - ok
19:01:27.0345 4700        NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:01:27.0376 4700        NetMsmqActivator - ok
19:01:27.0376 4700        NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:01:27.0392 4700        NetPipeActivator - ok
19:01:27.0423 4700        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
19:01:27.0486 4700        netprofm - ok
19:01:27.0548 4700        netr28u        (9ba2f93e4f01ec58e722b36639e0ce5d) C:\Windows\system32\DRIVERS\netr28u.sys
19:01:27.0626 4700        netr28u - ok
19:01:27.0626 4700        NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:01:27.0642 4700        NetTcpActivator - ok
19:01:27.0642 4700        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:01:27.0657 4700        NetTcpPortSharing - ok
19:01:27.0688 4700        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:01:27.0720 4700        nfrd960 - ok
19:01:27.0735 4700        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
19:01:27.0766 4700        NlaSvc - ok
19:01:27.0969 4700        NMIndexingService (74149bcf0307bb76d68c0f8912df731c) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
19:01:28.0047 4700        NMIndexingService - ok
19:01:28.0094 4700        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
19:01:28.0172 4700        Npfs - ok
19:01:28.0234 4700        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
19:01:28.0312 4700        nsi - ok
19:01:28.0328 4700        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:01:28.0359 4700        nsiproxy - ok
19:01:28.0453 4700        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
19:01:28.0562 4700        Ntfs - ok
19:01:28.0624 4700        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:01:28.0702 4700        ntrigdigi - ok
19:01:28.0734 4700        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:01:28.0765 4700        Null - ok
19:01:28.0827 4700        NVENETFD        (d668632606d1cebf0b6ec64c1df7ed6f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
19:01:28.0890 4700        NVENETFD - ok
19:01:29.0904 4700        nvlddmkm        (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:01:30.0559 4700        nvlddmkm - ok
19:01:30.0699 4700        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
19:01:30.0730 4700        nvraid - ok
19:01:30.0808 4700        nvsmu          (7ec12a73067baca25a8e3e2a58ae83d8) C:\Windows\system32\DRIVERS\nvsmu.sys
19:01:30.0840 4700        nvsmu - ok
19:01:30.0855 4700        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
19:01:30.0871 4700        nvstor - ok
19:01:30.0886 4700        nvstor32        (4876e7c3184bdf50ede043fef616b867) C:\Windows\system32\DRIVERS\nvstor32.sys
19:01:30.0918 4700        nvstor32 - ok
19:01:30.0996 4700        nvsvc          (d122f7c5f79c68868f5dc28cefeb2ecf) C:\Windows\system32\nvvsvc.exe
19:01:31.0042 4700        nvsvc - ok
19:01:31.0042 4700        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
19:01:31.0074 4700        nv_agp - ok
19:01:31.0074 4700        NwlnkFlt - ok
19:01:31.0089 4700        NwlnkFwd - ok
19:01:31.0370 4700        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:01:31.0417 4700        odserv - ok
19:01:31.0479 4700        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
19:01:31.0526 4700        ohci1394 - ok
19:01:31.0588 4700        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:01:31.0620 4700        ose - ok
19:01:31.0791 4700        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:01:31.0900 4700        p2pimsvc - ok
19:01:31.0916 4700        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:01:31.0947 4700        p2psvc - ok
19:01:31.0963 4700        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:01:32.0072 4700        Parport - ok
19:01:32.0119 4700        partmgr        (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
19:01:32.0134 4700        partmgr - ok
19:01:32.0150 4700        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:01:32.0212 4700        Parvdm - ok
19:01:32.0244 4700        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
19:01:32.0290 4700        PcaSvc - ok
19:01:32.0337 4700        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
19:01:32.0368 4700        pci - ok
19:01:32.0400 4700        pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
19:01:32.0415 4700        pciide - ok
19:01:32.0446 4700        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:01:32.0462 4700        pcmcia - ok
19:01:32.0509 4700        PDNMp50        (1bf91f352d746ad7469fa71783b5fae8) C:\Windows\system32\drivers\PDNMp50.sys
19:01:32.0524 4700        PDNMp50 - ok
19:01:32.0540 4700        PDNSp50        (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\drivers\PDNSp50.sys
19:01:32.0556 4700        PDNSp50 - ok
19:01:32.0758 4700        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:01:32.0852 4700        PEAUTH - ok
19:01:33.0164 4700        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
19:01:33.0242 4700        pla - ok
19:01:33.0289 4700        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
19:01:33.0336 4700        PlugPlay - ok
19:01:33.0398 4700        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:01:33.0414 4700        PNRPAutoReg - ok
19:01:33.0445 4700        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:01:33.0460 4700        PNRPsvc - ok
19:01:33.0538 4700        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
19:01:33.0632 4700        PolicyAgent - ok
19:01:33.0710 4700        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:01:33.0772 4700        PptpMiniport - ok
19:01:33.0819 4700        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
19:01:33.0882 4700        Processor - ok
19:01:33.0944 4700        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
19:01:33.0975 4700        ProfSvc - ok
19:01:34.0022 4700        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:01:34.0038 4700        ProtectedStorage - ok
19:01:34.0053 4700        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
19:01:34.0100 4700        PSched - ok
19:01:34.0162 4700        PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
19:01:34.0178 4700        PxHelp20 - ok
19:01:34.0240 4700        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
19:01:34.0303 4700        ql2300 - ok
19:01:34.0318 4700        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:01:34.0334 4700        ql40xx - ok
19:01:34.0365 4700        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
19:01:34.0428 4700        QWAVE - ok
19:01:34.0443 4700        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:01:34.0474 4700        QWAVEdrv - ok
19:01:34.0490 4700        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:01:34.0521 4700        RasAcd - ok
19:01:34.0552 4700        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
19:01:34.0584 4700        RasAuto - ok
19:01:34.0615 4700        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:01:34.0662 4700        Rasl2tp - ok
19:01:34.0708 4700        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
19:01:34.0786 4700        RasMan - ok
19:01:34.0818 4700        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
19:01:34.0849 4700        RasPppoe - ok
19:01:34.0880 4700        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
19:01:34.0896 4700        RasSstp - ok
19:01:34.0958 4700        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
19:01:34.0989 4700        rdbss - ok
19:01:35.0005 4700        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:01:35.0052 4700        RDPCDD - ok
19:01:35.0176 4700        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
19:01:35.0223 4700        rdpdr - ok
19:01:35.0239 4700        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:01:35.0270 4700        RDPENCDD - ok
19:01:35.0332 4700        RDPWD          (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
19:01:35.0395 4700        RDPWD - ok
19:01:35.0488 4700        Reconn          (7528b6f193d76a7183271e44f04a7905) C:\Program Files\BullGuard Software\BullGuard\reconn.sys
19:01:35.0504 4700        Reconn - ok
19:01:35.0566 4700        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
19:01:35.0613 4700        RemoteAccess - ok
19:01:35.0660 4700        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
19:01:35.0707 4700        RemoteRegistry - ok
19:01:35.0769 4700        RichVideo      (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
19:01:35.0800 4700        RichVideo - ok
19:01:35.0832 4700        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
19:01:35.0894 4700        RpcLocator - ok
19:01:35.0941 4700        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:01:35.0988 4700        RpcSs - ok
19:01:36.0081 4700        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:01:36.0128 4700        rspndr - ok
19:01:36.0159 4700        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:01:36.0175 4700        SamSs - ok
19:01:36.0222 4700        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:01:36.0237 4700        sbp2port - ok
19:01:36.0300 4700        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
19:01:36.0346 4700        SCardSvr - ok
19:01:36.0534 4700        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
19:01:36.0643 4700        Schedule - ok
19:01:36.0705 4700        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:01:36.0721 4700        SCPolicySvc - ok
19:01:36.0783 4700        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
19:01:36.0861 4700        SDRSVC - ok
19:01:36.0877 4700        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:01:36.0939 4700        secdrv - ok
19:01:36.0955 4700        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
19:01:36.0986 4700        seclogon - ok
19:01:37.0017 4700        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
19:01:37.0064 4700        SENS - ok
19:01:37.0095 4700        Serenum        (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
19:01:37.0142 4700        Serenum - ok
19:01:37.0189 4700        Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
19:01:37.0220 4700        Serial - ok
19:01:37.0251 4700        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:01:37.0298 4700        sermouse - ok
19:01:37.0329 4700        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
19:01:37.0376 4700        SessionEnv - ok
19:01:37.0407 4700        sffdisk        (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
19:01:37.0438 4700        sffdisk - ok
19:01:37.0454 4700        sffp_mmc        (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
19:01:37.0485 4700        sffp_mmc - ok
19:01:37.0501 4700        sffp_sd        (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
19:01:37.0516 4700        sffp_sd - ok
19:01:37.0532 4700        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:01:37.0579 4700        sfloppy - ok
19:01:37.0672 4700        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
19:01:37.0719 4700        SharedAccess - ok
19:01:37.0750 4700        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
19:01:37.0828 4700        ShellHWDetection - ok
19:01:37.0828 4700        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
19:01:37.0844 4700        sisagp - ok
19:01:37.0860 4700        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
19:01:37.0875 4700        SiSRaid2 - ok
19:01:37.0891 4700        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
19:01:37.0906 4700        SiSRaid4 - ok
19:01:38.0328 4700        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
19:01:38.0577 4700        slsvc - ok
19:01:38.0655 4700        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
19:01:38.0686 4700        SLUINotify - ok
19:01:38.0718 4700        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
19:01:38.0780 4700        Smb - ok
19:01:38.0811 4700        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
19:01:38.0827 4700        SNMPTRAP - ok
19:01:38.0858 4700        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:01:38.0889 4700        spldr - ok
19:01:38.0936 4700        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
19:01:38.0983 4700        Spooler - ok
19:01:39.0014 4700        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
19:01:39.0092 4700        srv - ok
19:01:39.0139 4700        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
19:01:39.0232 4700        srv2 - ok
19:01:39.0404 4700        srvcPVR        (bf94a7553ef257d70cb2287bf7a3bce1) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
19:01:39.0576 4700        srvcPVR ( UnsignedFile.Multi.Generic ) - warning
19:01:39.0576 4700        srvcPVR - detected UnsignedFile.Multi.Generic (1)
19:01:39.0622 4700        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
19:01:39.0654 4700        srvnet - ok
19:01:39.0685 4700        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
19:01:39.0732 4700        SSDPSRV - ok
19:01:39.0778 4700        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
19:01:39.0810 4700        SstpSvc - ok
19:01:39.0919 4700        Stereo Service  (9e1222c417291bc836210743624a8e5e) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:01:40.0012 4700        Stereo Service - ok
19:01:40.0106 4700        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
19:01:40.0168 4700        stisvc - ok
19:01:40.0215 4700        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:01:40.0246 4700        swenum - ok
19:01:40.0340 4700        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
19:01:40.0402 4700        swprv - ok
19:01:40.0434 4700        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:01:40.0465 4700        Symc8xx - ok
19:01:40.0465 4700        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:01:40.0496 4700        Sym_hi - ok
19:01:40.0496 4700        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:01:40.0512 4700        Sym_u3 - ok
19:01:40.0558 4700        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
19:01:40.0590 4700        SysMain - ok
19:01:40.0636 4700        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
19:01:40.0714 4700        TabletInputService - ok
19:01:40.0746 4700        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
19:01:40.0792 4700        TapiSrv - ok
19:01:40.0824 4700        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
19:01:40.0855 4700        TBS - ok
19:01:41.0182 4700        Tcpip          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
19:01:41.0292 4700        Tcpip - ok
19:01:41.0307 4700        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
19:01:41.0338 4700        Tcpip6 - ok
19:01:41.0385 4700        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
19:01:41.0432 4700        tcpipreg - ok
19:01:41.0463 4700        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:01:41.0510 4700        TDPIPE - ok
19:01:41.0541 4700        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:01:41.0588 4700        TDTCP - ok
19:01:41.0635 4700        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
19:01:41.0682 4700        tdx - ok
19:01:41.0713 4700        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
19:01:41.0728 4700        TermDD - ok
19:01:41.0760 4700        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
19:01:41.0838 4700        TermService - ok
19:01:41.0884 4700        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
19:01:41.0900 4700        Themes - ok
19:01:41.0931 4700        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:01:41.0947 4700        THREADORDER - ok
19:01:41.0978 4700        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
19:01:42.0009 4700        TrkWks - ok
19:01:42.0056 4700        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
19:01:42.0072 4700        TrustedInstaller - ok
19:01:42.0087 4700        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:01:42.0134 4700        tssecsrv - ok
19:01:42.0165 4700        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:01:42.0212 4700        tunmp - ok
19:01:42.0243 4700        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
19:01:42.0274 4700        tunnel - ok
19:01:42.0306 4700        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
19:01:42.0321 4700        uagp35 - ok
19:01:42.0368 4700        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
19:01:42.0399 4700        udfs - ok
19:01:42.0415 4700        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
19:01:42.0446 4700        UI0Detect - ok
19:01:42.0462 4700        uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
19:01:42.0477 4700        uliagpkx - ok
19:01:42.0493 4700        uliahci        (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
19:01:42.0524 4700        uliahci - ok
19:01:42.0540 4700        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:01:42.0555 4700        UlSata - ok
19:01:42.0571 4700        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:01:42.0586 4700        ulsata2 - ok
19:01:42.0602 4700        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:01:42.0633 4700        umbus - ok
19:01:42.0664 4700        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
19:01:42.0727 4700        upnphost - ok
19:01:42.0805 4700        USBAAPL        (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
19:01:42.0836 4700        USBAAPL - ok
19:01:42.0898 4700        usbccgp        (03b01e8dbd2da2b49157b7e51912aaf2) C:\Windows\system32\DRIVERS\usbccgp.sys
19:01:42.0945 4700        usbccgp - ok
19:01:42.0976 4700        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:01:43.0023 4700        usbcir - ok
19:01:43.0054 4700        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
19:01:43.0101 4700        usbehci - ok
19:01:43.0132 4700        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
19:01:43.0179 4700        usbhub - ok
19:01:43.0195 4700        usbohci        (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
19:01:43.0226 4700        usbohci - ok
19:01:43.0257 4700        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:01:43.0320 4700        usbprint - ok
19:01:43.0351 4700        usbscan        (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
19:01:43.0398 4700        usbscan - ok
19:01:43.0413 4700        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:01:43.0444 4700        USBSTOR - ok
19:01:43.0476 4700        usbuhci        (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
19:01:43.0522 4700        usbuhci - ok
19:01:43.0569 4700        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
19:01:43.0600 4700        UxSms - ok
19:01:43.0741 4700        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
19:01:43.0850 4700        vds - ok
19:01:43.0881 4700        vga            (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
19:01:43.0959 4700        vga - ok
19:01:44.0068 4700        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:01:44.0100 4700        VgaSave - ok
19:01:44.0115 4700        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
19:01:44.0131 4700        viaagp - ok
19:01:44.0146 4700        ViaC7          (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
19:01:44.0193 4700        ViaC7 - ok
19:01:44.0240 4700        viaide          (7aa7ec9a08dc2c39649c413b1a26e298) C:\Windows\system32\drivers\viaide.sys
19:01:44.0256 4700        viaide - ok
19:01:44.0287 4700        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:01:44.0302 4700        volmgr - ok
19:01:44.0334 4700        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
19:01:44.0365 4700        volmgrx - ok
19:01:44.0427 4700        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
19:01:44.0458 4700        volsnap - ok
19:01:44.0490 4700        vsmraid        (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
19:01:44.0505 4700        vsmraid - ok
19:01:44.0599 4700        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
19:01:44.0739 4700        VSS - ok
19:01:44.0833 4700        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
19:01:44.0895 4700        W32Time - ok
19:01:44.0911 4700        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:01:44.0958 4700        WacomPen - ok
19:01:45.0036 4700        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:01:45.0082 4700        Wanarp - ok
19:01:45.0082 4700        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:01:45.0114 4700        Wanarpv6 - ok
19:01:45.0207 4700        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
19:01:45.0301 4700        wcncsvc - ok
19:01:45.0332 4700        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
19:01:45.0410 4700        WcsPlugInService - ok
19:01:45.0441 4700        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:01:45.0472 4700        Wd - ok
19:01:45.0644 4700        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:01:45.0691 4700        Wdf01000 - ok
19:01:45.0816 4700        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:01:45.0925 4700        WdiServiceHost - ok
19:01:45.0940 4700        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:01:45.0956 4700        WdiSystemHost - ok
19:01:46.0034 4700        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
19:01:46.0112 4700        WebClient - ok
19:01:46.0252 4700        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
19:01:46.0299 4700        Wecsvc - ok
19:01:46.0346 4700        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
19:01:46.0377 4700        wercplsupport - ok
19:01:46.0408 4700        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
19:01:46.0455 4700        WerSvc - ok
19:01:46.0564 4700        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
19:01:46.0611 4700        WinDefend - ok
19:01:46.0611 4700        WinHttpAutoProxySvc - ok
19:01:46.0736 4700        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
19:01:46.0814 4700        Winmgmt - ok
19:01:46.0908 4700        WinRM          (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
19:01:47.0032 4700        WinRM - ok
19:01:47.0142 4700        winusb          (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.SYS
19:01:47.0188 4700        winusb - ok
19:01:47.0313 4700        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
19:01:47.0422 4700        Wlansvc - ok
19:01:47.0454 4700        WmiAcpi        (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
19:01:47.0610 4700        WmiAcpi - ok
19:01:47.0766 4700        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
19:01:47.0797 4700        wmiApSrv - ok
19:01:48.0093 4700        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:01:48.0171 4700        WMPNetworkSvc - ok
19:01:48.0265 4700        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
19:01:48.0312 4700        WPCSvc - ok
19:01:48.0374 4700        WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
19:01:48.0436 4700        WPDBusEnum - ok
19:01:48.0483 4700        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
19:01:48.0514 4700        WpdUsb - ok
19:01:49.0123 4700        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:01:49.0216 4700        WPFFontCache_v0400 - ok
19:01:49.0279 4700        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:01:49.0310 4700        ws2ifsl - ok
19:01:49.0388 4700        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
19:01:49.0419 4700        wscsvc - ok
19:01:49.0419 4700        WSearch - ok
19:01:49.0716 4700        wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
19:01:49.0903 4700        wuauserv - ok
19:01:49.0965 4700        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:01:50.0012 4700        WUDFRd - ok
19:01:50.0074 4700        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
19:01:50.0106 4700        wudfsvc - ok
19:01:50.0152 4700        X10Hid          (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys
19:01:50.0168 4700        X10Hid - ok
19:01:50.0293 4700        x10nets        (5a0c788c5bc5f2c993cb60940adcf95e) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
19:01:50.0340 4700        x10nets ( UnsignedFile.Multi.Generic ) - warning
19:01:50.0340 4700        x10nets - detected UnsignedFile.Multi.Generic (1)
19:01:50.0433 4700        XUIF            (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys
19:01:50.0449 4700        XUIF - ok
19:01:50.0464 4700        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:01:50.0542 4700        \Device\Harddisk0\DR0 - ok
19:01:50.0542 4700        Boot (0x1200)  (65057d06e751ed002cd26451db2b72fc) \Device\Harddisk0\DR0\Partition0
19:01:50.0542 4700        \Device\Harddisk0\DR0\Partition0 - ok
19:01:50.0558 4700        Boot (0x1200)  (9bb818e890fd8ccdbb3b5eedf124b97b) \Device\Harddisk0\DR0\Partition1
19:01:50.0558 4700        \Device\Harddisk0\DR0\Partition1 - ok
19:01:50.0558 4700        ============================================================
19:01:50.0558 4700        Scan finished
19:01:50.0558 4700        ============================================================
19:01:50.0808 4972        Detected object count: 7
19:01:50.0808 4972        Actual detected object count: 7
19:02:28.0591 4972        BGLiveSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:28.0606 4972        BGLiveSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:02:28.0606 4972        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:28.0606 4972        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:02:28.0606 4972        GnabService ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:28.0606 4972        GnabService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:02:28.0606 4972        GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:28.0606 4972        GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:02:28.0606 4972        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:28.0606 4972        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:02:28.0606 4972        srvcPVR ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:28.0606 4972        srvcPVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:02:28.0606 4972        x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:28.0606 4972        x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:10 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131